Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Growatt:
Security Vulnerabilities
CVE-2025-30257
Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-30510
An attacker can upload an arbitrary file instead of a plant image.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-04-15
CVE-2025-30512
Unauthenticated attackers can send configuration settings to device and possible perform physical actions remotely (e.g., on/off).
CVSS Score
6.9
EPSS Score
0.006
Published
2025-04-15
CVE-2025-27719
Unauthenticated attackers can query an API endpoint and get device details.
CVSS Score
6.9
EPSS Score
0.005
Published
2025-04-15
CVE-2025-27927
An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an unprotected API.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-27929
Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-27575
An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-27561
Unauthenticated attackers can rename "rooms" of arbitrary users.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-27565
An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs.
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
CVE-2025-26857
Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers).
CVSS Score
6.9
EPSS Score
0.003
Published
2025-04-15
Prev
Next
Page 2
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved